Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/5af699-b1a9-49dc-bdc9-1d4dfb4f4800/1/dWPs7VeFNLjm6nNah79NK6nhBKs.roa
File: dWPs7VeFNLjm6nNah79NK6nhBKs.roa (raw, json)
Hash identifier: JDDvsXjy0E3I07/myojh4GuA7x8eVcmeYJ2Qeq0ViGU=
Subject key identifier: 75:63:EC:ED:57:85:34:B8:E6:EA:73:5A:87:BF:4D:2B:A9:E1:04:AB
Certificate issuer: /CN=21269675acefbbf8497b1e21ca73764af4aa8c7b
Certificate serial: 018CC3B7372F81A951F07F71226EDC8D496B
Authority key identifier: 21:26:96:75:AC:EF:BB:F8:49:7B:1E:21:CA:73:76:4A:F4:AA:8C:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ISaWdazvu_hJex4hynN2SvSqjHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/5af699-b1a9-49dc-bdc9-1d4dfb4f4800/1/dWPs7VeFNLjm6nNah79NK6nhBKs.roa
Signing time: Mon 01 Jan 2024 06:30:13 +0000
ROA not before: Mon 01 Jan 2024 06:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20847
IP address blocks: 62.165.64.0/18 maxlen: 24
84.241.128.0/18 maxlen: 24
80.65.96.0/19 maxlen: 24
2001:1690::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/5af699-b1a9-49dc-bdc9-1d4dfb4f4800/1/ISaWdazvu_hJex4hynN2SvSqjHs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/5af699-b1a9-49dc-bdc9-1d4dfb4f4800/1/ISaWdazvu_hJex4hynN2SvSqjHs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ISaWdazvu_hJex4hynN2SvSqjHs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:37:2f:81:a9:51:f0:7f:71:22:6e:dc:8d:49:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21269675acefbbf8497b1e21ca73764af4aa8c7b
Validity
Not Before: Jan 1 06:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7563eced578534b8e6ea735a87bf4d2ba9e104ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ea:95:27:70:7a:60:f6:03:78:3b:f3:60:22:
7e:5d:f1:cb:15:a6:99:3f:df:78:bc:30:59:d4:99:
bb:d6:26:fe:e3:89:62:39:c6:24:ef:3c:e0:14:8b:
6a:75:f1:4b:cd:7e:ef:63:d3:49:60:b7:b0:29:18:
ce:b5:3c:dc:fe:3f:32:ff:df:f4:dd:0f:bd:b0:56:
85:fa:e2:a0:ad:6e:0f:cf:e4:cb:5b:e1:af:e7:1c:
b9:01:8b:2d:45:bf:13:ae:71:a7:74:7e:c6:6a:fb:
52:23:05:e4:f4:f1:7b:7f:db:1c:b1:24:e8:73:6b:
c4:61:eb:48:af:83:b4:15:93:10:11:36:ec:df:42:
cd:fa:e4:fb:37:22:e9:a8:d0:3f:4e:7e:8d:3a:0f:
70:74:cc:10:3e:85:80:90:fe:00:ea:db:ea:3f:fe:
4e:b1:e8:a7:99:25:35:6e:fc:c1:bd:a0:9a:57:38:
cd:78:66:24:e3:f3:f8:72:5a:54:a5:26:52:60:81:
02:8e:fb:22:07:7a:d0:54:ae:ad:18:0b:06:fc:0d:
8e:41:f1:e4:df:f7:b7:49:88:51:f7:e3:fd:01:a7:
97:80:cb:73:a7:c2:eb:46:f6:2e:97:63:06:27:26:
67:db:34:d5:78:b8:52:fd:cf:bd:17:8a:f6:cd:b7:
8e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:63:EC:ED:57:85:34:B8:E6:EA:73:5A:87:BF:4D:2B:A9:E1:04:AB
X509v3 Authority Key Identifier:
keyid:21:26:96:75:AC:EF:BB:F8:49:7B:1E:21:CA:73:76:4A:F4:AA:8C:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISaWdazvu_hJex4hynN2SvSqjHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/5af699-b1a9-49dc-bdc9-1d4dfb4f4800/1/dWPs7VeFNLjm6nNah79NK6nhBKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/5af699-b1a9-49dc-bdc9-1d4dfb4f4800/1/ISaWdazvu_hJex4hynN2SvSqjHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.165.64.0/18
80.65.96.0/19
84.241.128.0/18
IPv6:
2001:1690::/32
Signature Algorithm: sha256WithRSAEncryption
99:2d:b7:e7:7f:fe:fa:14:06:87:a7:90:45:04:4f:df:4f:a5:
94:ce:50:f3:70:d2:5a:ff:c3:80:76:c8:8d:f4:67:4c:20:97:
b6:ea:82:36:4f:9a:c2:49:73:f2:04:d4:f9:08:6d:cb:c1:b5:
b5:24:67:4e:85:9a:82:50:a1:e0:02:e6:0b:1e:8a:3f:8e:f2:
df:fa:35:9f:4a:04:d0:bd:4e:e2:82:7a:16:e6:46:f3:ac:bb:
aa:9c:89:e2:78:da:84:37:46:d1:13:89:ed:aa:8d:24:7e:d9:
45:b9:ba:62:4c:6f:e2:8c:82:83:95:78:7e:72:3a:5a:3f:2f:
19:4d:4a:fd:92:f3:08:9b:06:d4:47:d5:99:1f:d3:06:59:d7:
6b:7f:85:bb:f1:11:f3:6f:73:4b:5a:dd:b3:a0:50:c8:ef:ae:
5e:bd:10:80:7e:82:d5:57:df:76:e2:8f:36:13:91:d5:55:e8:
52:8c:f3:55:b6:f7:79:d6:6d:08:19:5c:04:50:06:a5:10:cb:
d2:15:78:b2:15:f0:38:22:99:b5:47:a9:c5:4f:de:a2:bc:95:
77:3b:7b:9d:ac:da:c3:a4:f2:4a:de:89:c7:08:ce:ee:79:91:
1f:fc:35:a1:0a:da:0a:44:fe:59:1b:39:4f:39:48:d4:d9:42:
c0:d8:4b:a2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtzcvgalR8H9xIm7cjUlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMjY5Njc1YWNlZmJiZjg0OTdiMWUyMWNhNzM3NjRhZjRh
YThjN2IwHhcNMjQwMTAxMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTYzZWNlZDU3ODUzNGI4ZTZlYTczNWE4N2JmNGQyYmE5ZTEwNGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweqVJ3B6YPYDeDvzYCJ+XfHLFaaZ
P994vDBZ1Jm71ib+44liOcYk7zzgFItqdfFLzX7vY9NJYLewKRjOtTzc/j8y/9/0
3Q+9sFaF+uKgrW4Pz+TLW+Gv5xy5AYstRb8TrnGndH7GavtSIwXk9PF7f9scsSTo
c2vEYetIr4O0FZMQETbs30LN+uT7NyLpqNA/Tn6NOg9wdMwQPoWAkP4A6tvqP/5O
seinmSU1bvzBvaCaVzjNeGYk4/P4clpUpSZSYIECjvsiB3rQVK6tGAsG/A2OQfHk
3/e3SYhR9+P9AaeXgMtzp8LrRvYul2MGJyZn2zTVeLhS/c+9F4r2zbeOEwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHVj7O1XhTS45upzWoe/TSup4QSrMB8GA1UdIwQY
MBaAFCEmlnWs77v4SXseIcpzdkr0qox7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVNhV2RhenZ1X2hKZXg0aHluTjJTdlNxakhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS81YWY2OTktYjFhOS00OWRjLWJkYzkt
MWQ0ZGZiNGY0ODAwLzEvZFdQczdWZUZOTGptNm5OYWg3OU5LNm5oQktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS81YWY2OTktYjFhOS00OWRjLWJkYzktMWQ0ZGZiNGY0ODAw
LzEvSVNhV2RhenZ1X2hKZXg0aHluTjJTdlNxakhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPqVAAwQF
UEFgAwQGVPGAMA0EAgACMAcDBQAgARaQMA0GCSqGSIb3DQEBCwUAA4IBAQCZLbfn
f/76FAaHp5BFBE/fT6WUzlDzcNJa/8OAdsiN9GdMIJe26oI2T5rCSXPyBNT5CG3L
wbW1JGdOhZqCUKHgAuYLHoo/jvLf+jWfSgTQvU7ignoW5kbzrLuqnInieNqEN0bR
E4ntqo0kftlFubpiTG/ijIKDlXh+cjpaPy8ZTUr9kvMImwbUR9WZH9MGWddrf4W7
8RHzb3NLWt2zoFDI765evRCAfoLVV9924o82E5HVVehSjPNVtvd51m0IGVwEUAal
EMvSFXiyFfA4Ipm1R6nFT96ivJV3O3udrNrDpPJK3onHCM7ueZEf/DWhCtoKRP5Z
GzlPOUjU2ULA2Eui
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:32 2024 by rpki-client on console-fra.rpki-client.org